61,271 research outputs found
Can Component/Service-Based Systems Be Proved Correct?
Component-oriented and service-oriented approaches have gained a strong
enthusiasm in industries and academia with a particular interest for
service-oriented approaches. A component is a software entity with given
functionalities, made available by a provider, and used to build other
application within which it is integrated. The service concept and its use in
web-based application development have a huge impact on reuse practices.
Accordingly a considerable part of software architectures is influenced; these
architectures are moving towards service-oriented architectures. Therefore
applications (re)use services that are available elsewhere and many
applications interact, without knowing each other, using services available via
service servers and their published interfaces and functionalities. Industries
propose, through various consortium, languages, technologies and standards.
More academic works are also undertaken concerning semantics and formalisation
of components and service-based systems. We consider here both streams of works
in order to raise research concerns that will help in building quality
software. Are there new challenging problems with respect to service-based
software construction? Besides, what are the links and the advances compared to
distributed systems?Comment: 16 page
Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS - a collection of Technical Notes Part 1
This report provides an introduction and overview of the Technical Topic Notes (TTNs) produced in the Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS (Tigars) project. These notes aim to support the development and evaluation of autonomous vehicles. Part 1 addresses: Assurance-overview and issues, Resilience and Safety Requirements, Open Systems Perspective and Formal Verification and Static Analysis of ML Systems. Part 2: Simulation and Dynamic Testing, Defence in Depth and Diversity, Security-Informed Safety Analysis, Standards and Guidelines
Towards the Model-Driven Engineering of Secure yet Safe Embedded Systems
We introduce SysML-Sec, a SysML-based Model-Driven Engineering environment
aimed at fostering the collaboration between system designers and security
experts at all methodological stages of the development of an embedded system.
A central issue in the design of an embedded system is the definition of the
hardware/software partitioning of the architecture of the system, which should
take place as early as possible. SysML-Sec aims to extend the relevance of this
analysis through the integration of security requirements and threats. In
particular, we propose an agile methodology whose aim is to assess early on the
impact of the security requirements and of the security mechanisms designed to
satisfy them over the safety of the system. Security concerns are captured in a
component-centric manner through existing SysML diagrams with only minimal
extensions. After the requirements captured are derived into security and
cryptographic mechanisms, security properties can be formally verified over
this design. To perform the latter, model transformation techniques are
implemented in the SysML-Sec toolchain in order to derive a ProVerif
specification from the SysML models. An automotive firmware flashing procedure
serves as a guiding example throughout our presentation.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
A System for Deduction-based Formal Verification of Workflow-oriented Software Models
The work concerns formal verification of workflow-oriented software models
using deductive approach. The formal correctness of a model's behaviour is
considered. Manually building logical specifications, which are considered as a
set of temporal logic formulas, seems to be the significant obstacle for an
inexperienced user when applying the deductive approach. A system, and its
architecture, for the deduction-based verification of workflow-oriented models
is proposed. The process of inference is based on the semantic tableaux method
which has some advantages when compared to traditional deduction strategies.
The algorithm for an automatic generation of logical specifications is
proposed. The generation procedure is based on the predefined workflow patterns
for BPMN, which is a standard and dominant notation for the modeling of
business processes. The main idea for the approach is to consider patterns,
defined in terms of temporal logic,as a kind of (logical) primitives which
enable the transformation of models to temporal logic formulas constituting a
logical specification. Automation of the generation process is crucial for
bridging the gap between intuitiveness of the deductive reasoning and the
difficulty of its practical application in the case when logical specifications
are built manually. This approach has gone some way towards supporting,
hopefully enhancing our understanding of, the deduction-based formal
verification of workflow-oriented models.Comment: International Journal of Applied Mathematics and Computer Scienc
- …